I have a bit of a headache with a server doing some rather mysterious yet static changes to permissions in /home. The server in question is a FreeBSD server. It's an older beast with quite a few custom tweaks and now I'm stuck with it :-)
The problem is that some of the directories in /home will get their owner and group changed to a numeric value. The value does not have anything in common with UID or GID and when a temporary fix is made (chown user:user user), it's a matter of time before it happens again. It may happen within 24 hours or within a week, there seems to be no indicator.
The numeric value for each user will remain the same. This sounds a bit weird, but consider this:
Before the change:
After the change:
Then we chmod it back.
Next time it happens, same values.
Since we have a large serverfarm my first instinct was to check for suspicious crontab entries - none found.
I then checked root's authorized keys to see if any old timers would have some kind of (horrible) remote "cleanup" - none found.
I have been knee-deep in pretty much /var/log* - especially auth.log, cron, messages, etc. for good measure, but there is really no indicator.
I know little about the machine itself besides that it's a virtual guest on a VMWare host. I wrote a workaround script to look at /home every 5 minutes and pull anything with an odd looking (numeric) owner and fix permissions by taking the name of the homedir and chown the poor people's functionality back, because this problem effectively prevents them from writing anything in their homedir.
I know I may be leading you on a wild goosechase here because of the tricky element that the server is a modified FreeBSD and is an older version back from 2003. (One can reason that it need upgrading but a lot of legacy are preventing us for doing so at the moment), but I am very curious if any of you have seen similar behaviour before or would have any other suggestions on where to look for culprits.
Very strange.... is the / home directory nfs shared (or mounted) elsewhere? is it subject to access by any other system (for backup purposes etc) that could possibly be changing permissions.
I'm thinking along the similar lines or un-tarring source code where the user/groupid is numerical because the source user doesn't exist on the local system. does the userid "192382" in your example exist on another system?
Thanks for the response and sorry for my lack of response, I was pretty busy the rest of the week. I have dug deeper into this and while there are "repository servers" there are no trace of any user management system/scripts and there is also no trace of any strange jobs.
I am closing in on the "periodic daily" as the likely culprit. I have set some monitoring up which sounds an alert at pretty much the same time as periodic daily runs
I'm probably going to have to dissect the /etc/periodic/daily stuff to try to find evidence for this (or either just uncomment periodic for a day or two and see if the permissions behave). According to man periodic it just executes shell scripts in /etc/periodic/daily|weekly|monthly|security.
for incompatibility installation problems, I've decided to reinstall Centos 6.3
as can be seem from the df output, I've partitioned both / and and /home directories
$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda8 12G 5.3G 6.5G 45% /
tmpfs ... (2 Replies)
i'm grepping for words in the /var/adm/messages (sun solaris).
but it looks like while my grepping finds the strings, when it outputs them out, the beginning of some lines are chopped off.
Jun 13 14:06:02 sky.net ufs: NOTICE: alloc: /prod: file system full
3 14:39:19 sky.net ufs: NOTICE:... (1 Reply)
Hi
i am new to this admin area .
i have created user with name as "ab" and gave home dir as /home/ab .
when i tried to create the /home/ab dir , i got he following error.
"mkdir: Failed to make directory "/home/ab"; Operation not applicable
"
Thanks in advance . (1 Reply)
RHEL5.0
As we know, when root create a new user, a new home directory will be created : /home/user
I want to know what determine the access permission of /home/user .
Thanks! (1 Reply)
Any recommend manufacturers for an internal SCSI tape drive in my FreeBSD 7.0 home server? Besides RAID-1, I'm not backing-up, but man, are they expensive! What makes a tape drive so darn pricy? There is no way I can afford a new drive so I'll start looking on eBay and craigslist to see if there... (3 Replies)
can anyone tell me how to display the permissions of a users home directory.
can i use ls -l but it only gives the permissions of the files and directories inside the directory..:confused::confused::confused::confused: (9 Replies)
Hi All,
I am using sftp to transfer files between two unix machines. As per my knowledge, in order to use public key authentication, the remote user's home directory permission should be set to 750 ( basically group and others should not have write permission ). Is there any way to over ride... (1 Reply)
Hello, have a look my top and ps as below
Inact memory reach 1.6G, does it normal ?
load averages: 0.07, 0.02, 0.01; up 7+06:48:52 02:58:01
91 processes: 2 running, 89 sleeping
CPU states: 0.0% user, 0.0% nice, 0.4% system, 0.0% interrupt, 99.6% idle
Memory: 24M... (0 Replies)
I'm having trouble with Abnormal Termination errors. What are they, what causes them and how can I prevent them from happening? Are they application specific? (2 Replies)